CVE-2009-4644 Information

Description

Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command as demonstrated by modifying the cli program.

Reference

http://www.portcullis-security.com/338.php http://www.securityfocus.com/bid/38176 https://exchange.xforce.ibmcloud.com/vulnerabilities/56248